CN111641733A - Network bridge equipment management method and device and readable storage medium - Google Patents

Network bridge equipment management method and device and readable storage medium Download PDF

Info

Publication number
CN111641733A
CN111641733A CN202010509262.6A CN202010509262A CN111641733A CN 111641733 A CN111641733 A CN 111641733A CN 202010509262 A CN202010509262 A CN 202010509262A CN 111641733 A CN111641733 A CN 111641733A
Authority
CN
China
Prior art keywords
domain name
request
protocol
host configuration
dynamic host
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010509262.6A
Other languages
Chinese (zh)
Other versions
CN111641733B (en
Inventor
高华辰
曾庆初
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yichen Shenzhen Technology Co ltd
Original Assignee
Yichen Shenzhen Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yichen Shenzhen Technology Co ltd filed Critical Yichen Shenzhen Technology Co ltd
Priority to CN202010509262.6A priority Critical patent/CN111641733B/en
Publication of CN111641733A publication Critical patent/CN111641733A/en
Application granted granted Critical
Publication of CN111641733B publication Critical patent/CN111641733B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • H04L61/5014Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method and a device for managing network bridge equipment and a readable storage medium, and relates to the technical field of wireless communication networks. The bridge device management method comprises the following steps: when the network bridge equipment is connected to a network, acquiring a management internet protocol address from a superior route according to a dynamic host configuration protocol; modifying the target domain name system protocol information in the dynamic host configuration protocol data packet; sending the modified dynamic host configuration protocol data packet to terminal equipment; when a domain name system protocol request initiated by the terminal equipment is received, a preset fixed domain name corresponding to the domain name system protocol request is resolved into a management internet protocol address through a target domain name server determined by the address of the target domain name server, so that the terminal equipment can access a management interface of the network bridge equipment according to the management internet protocol address, and the management of the network bridge equipment can be reliably realized.

Description

Network bridge equipment management method and device and readable storage medium
Technical Field
The present invention relates to the field of wireless communication network technologies, and in particular, to a method and an apparatus for managing a bridge device, and a readable storage medium.
Background
The router acts as a switch in the bridge mode and functions to extend the upper network. In the prior art, a router in a bridge mode is used as a bridge device, and does not allocate a local area network IP (Internet Protocol Address, abbreviated as Internet Protocol Address), and one of the ports must be connected to a higher-level route capable of allocating the local area network IP Address. However, the router itself needs a management interface for the user to perform the setting management, that is, the router itself needs an IP address for managing the setting interface, and in the bridge mode, the address is not necessarily in the same network segment with the IP address allocated by the upper level route, and even in the same network segment, there is a possible local area network IP address conflict with the upper level route.
Managing routes through the above prior art has the following drawbacks:
(1) there is a possibility of IP address conflict, and since the bridge device setting management IP is fixed, there is a possibility that an IP assigned by a higher-level route is duplicated with the bridge device setting management IP, so-called IP conflict may be caused at this time, and thus it is impossible to access the bridge device management setting interface.
(2) The user operation is complicated, the user is required to manually set a fixed IP, and the IP also needs to be in the same network segment with the bridge device management IP, which is difficult for the user without professional knowledge.
(3) After the fixed IP is set to access the bridge device management interface, it is inconvenient to use because the set IP address is not in the same network segment as the IP address assigned by the upper-level route.
It follows that prior art routing bridge device solutions are not reliable.
Based on this, it is necessary for those skilled in the art to solve how to provide a reliable bridge device management scheme.
Disclosure of Invention
The invention aims to provide a bridge device management method, a bridge device management device and a readable storage medium.
In a first aspect, an embodiment of the present invention provides a method for managing a bridge device, which is applied to a bridge device in a bridge device management system, where the bridge device is in communication connection with a terminal device, a higher-level router, and a domain name server, respectively;
the method comprises the following steps:
when the network bridge equipment is connected to a network, acquiring a management internet protocol address from the superior route according to a dynamic host configuration protocol;
restarting a domain name system protocol proxy of the bridge device to determine a domain name server internet protocol address from the dynamic host configuration protocol;
starting a preset firewall to intercept a dynamic host configuration protocol data packet sent out by the superior route, wherein the dynamic host configuration protocol data packet comprises a plurality of domain name system protocol information;
modifying the target domain name system protocol information in the dynamic host configuration protocol data packet to obtain a modified dynamic host configuration protocol data packet;
sending the modified dynamic host configuration protocol data packet to the terminal equipment so that the terminal equipment acquires a target domain name server address determined based on the target domain name system protocol information from the modified dynamic host configuration protocol data packet;
when receiving a domain name system protocol request initiated by the terminal equipment, resolving a preset fixed domain name corresponding to the domain name system protocol request into a management internet protocol address through a target domain name server determined by the target domain name server address, so that the terminal equipment can access a management interface of the network bridge equipment according to the management internet protocol address.
Optionally, the method further comprises:
setting a management internet protocol address of the bridge device to a fixed internet protocol address when the bridge device is not connected to a network;
distributing an access internet protocol address in the same network segment as the management internet protocol address;
and sending the access internet protocol address to the terminal equipment so that the terminal equipment can access the management interface of the network bridge equipment based on the access internet protocol address when initiating a domain name system protocol request.
Optionally, the modifying the target domain name system protocol information in the dynamic host configuration protocol data packet to obtain a modified dynamic host configuration protocol data packet includes:
acquiring a dynamic host configuration protocol data packet to be modified;
resolving the DHCP data packet into a plurality of DNS protocol messages, wherein the DNS protocol messages are used for indicating the DHCP server to generate Internet protocol address pointing addresses corresponding to the DNS protocol messages, the DNS protocol messages are also used for indicating the corresponding DHCP server to respectively determine the corresponding DNS protocol messages into dynamic host configuration protocol broadcast messages and dynamic host configuration protocol unicast messages, respectively extracting dynamic host configuration protocol request parameters from each sub-broadcast message of the dynamic host configuration protocol broadcast messages, and extracting the dynamic host configuration protocol confirmation parameters from each sub-broadcast message of the dynamic host configuration protocol unicast messages, determining network pointing identification feature information according to the dynamic host configuration protocol request parameters, and confirming the reference messages according to the dynamic host configuration protocol Determining network address identification characteristic information;
adding each of a plurality of domain name system protocol information to a processing flow form, wherein each of the domain name system protocol information corresponds to a domain name pushing item in the processing flow form one to one;
sequentially selecting domain name pushing items from the processing flow form, and distributing the selected domain name pushing items to the dynamic host configuration protocol servers in parallel, wherein the domain name pushing items are used for indicating each dynamic host configuration protocol server to generate Internet protocol address pointing addresses corresponding to a plurality of domain name system protocol information corresponding to the domain name pushing items;
and modifying the target domain name system protocol information based on the network pointing identification characteristic information and the network address identification characteristic information to obtain a modified dynamic host configuration protocol data packet.
Optionally, the dhcp server includes a first dhcp server and a second dhcp server;
the method further comprises the following steps:
when the first dynamic host configuration protocol server in the idle state does not exist, the domain name pushing item in the processing flow form is parallelly distributed to a second dynamic host configuration protocol server in the idle state, wherein the domain name pushing item is used for indicating the second dynamic host configuration protocol server to generate an internet protocol address pointing address corresponding to a plurality of domain name system protocol information corresponding to the domain name pushing item.
Optionally, the method further comprises:
adding a pushing time node for each domain name pushing item, wherein the pushing time node is used for representing the task initiation time of the corresponding domain name pushing item;
and when the difference between the task initiation time recorded by the pushing time node and the current time is greater than a preset threshold value, judging that no first dynamic host configuration protocol server in an idle state exists.
Optionally, when receiving that the terminal device initiates a domain name system protocol request, the method further includes:
acquiring a domain name system protocol request sequence, wherein the domain name system protocol request sequence comprises a preset number of request vectors, the preset number of request vectors correspond to a preset number of request time nodes, and each request vector in the preset number of request vectors is a domain name system protocol request received by the corresponding request time node;
acquiring preset request identification information of the domain name system protocol request sequence according to the domain name system protocol request sequence;
determining a first request type to which the domain name system protocol request sequence belongs from a plurality of request types according to the preset request identification information, wherein each request type in the plurality of request types corresponds to a request parameter group, and the preset request identification information belongs to the request parameter group corresponding to the first request type;
and detecting the abnormal condition of the domain name system protocol request sequence according to a first class detection model corresponding to the first request type, wherein each request type in the plurality of request types corresponds to one request type detection model, and the detection model is used for detecting the abnormal condition of the domain name system protocol request.
Optionally, the preset request identification information further includes a request judgment basis, where the request judgment basis is used to represent a request signal variation around a long-term trend presented in the domain name system protocol request sequence;
the acquiring the preset request identification information of the domain name system protocol request sequence according to the domain name system protocol request sequence comprises:
decomposing each request vector in the preset number of request vectors in the domain name system protocol request sequence into a strength component vector, a request component vector and a confidence coefficient component vector;
determining a first sub-domain name system protocol request sequence comprising a preset number of the request component vectors and a second sub-domain name system protocol request sequence comprising a preset number of the confidence component vectors;
and acquiring preset request identification information of the domain name system protocol request sequence according to the first sub-domain name system protocol request sequence and the second sub-domain name system protocol request sequence.
In a second aspect, an embodiment of the present invention provides a bridge device management apparatus, which is applied to a bridge device in a bridge device management system, where the bridge device is in communication connection with a terminal device, a superior router, and a domain name server, respectively;
the device comprises:
an obtaining module, configured to obtain a management internet protocol address from the upper-level route according to a dynamic host configuration protocol when the network bridge device is connected to a network;
the restarting module is used for restarting a domain name system protocol agent of the network bridge equipment so as to determine a domain name server internet protocol address from the dynamic host configuration protocol;
the intercepting module is used for starting a preset firewall to intercept a dynamic host configuration protocol data packet sent out by the superior route, wherein the dynamic host configuration protocol data packet comprises a plurality of domain name system protocol information;
the modification module is used for modifying the target domain name system protocol information in the dynamic host configuration protocol data packet to obtain a modified dynamic host configuration protocol data packet;
a sending module, configured to send the modified dynamic host configuration protocol data packet to the terminal device, so that the terminal device obtains a target domain name server address determined based on the target domain name system protocol information from the modified dynamic host configuration protocol data packet;
and the execution module is used for resolving a preset fixed domain name corresponding to the domain name system protocol request into the management internet protocol address through a target domain name server determined by the target domain name server address when receiving the domain name system protocol request initiated by the terminal equipment, so that the terminal equipment can access the management interface of the network bridge equipment according to the management internet protocol address.
In a third aspect, an embodiment of the present invention provides a computer device, where the computer device includes a processor and a non-volatile memory storing computer instructions, and when the computer instructions are executed by the processor, the computer device executes the bridge device management method according to the first aspect.
In a fourth aspect, an embodiment of the present invention provides a readable storage medium, where the readable storage medium includes a computer program, and the computer program controls, when running, a computer device in which the readable storage medium is located to execute the bridge device management method in the first aspect.
Compared with the prior art, the beneficial effects provided by the invention comprise: by adopting the network bridge equipment management method, the device and the readable storage medium provided by the embodiment of the invention, when the network bridge equipment is connected to a network, a management internet protocol address is obtained from the superior route according to a dynamic host configuration protocol; restarting a domain name system protocol proxy of the bridge device to determine a domain name server internet protocol address from the dynamic host configuration protocol; then starting a preset firewall to intercept a dynamic host configuration protocol data packet sent out by the superior route, wherein the dynamic host configuration protocol data packet comprises a plurality of domain name system protocol information; modifying the target domain name system protocol information in the dynamic host configuration protocol data packet to obtain a modified dynamic host configuration protocol data packet; then sending the modified dynamic host configuration protocol data packet to the terminal equipment so that the terminal equipment acquires a target domain name server address determined based on the target domain name system protocol information from the modified dynamic host configuration protocol data packet; finally, when receiving a domain name system protocol request initiated by the terminal equipment, resolving a preset fixed domain name corresponding to the domain name system protocol request into the management internet protocol address through a target domain name server determined by the target domain name server address, so that the terminal equipment can access a management interface of the network bridge equipment according to the management internet protocol address, and the network bridge equipment can be reliably managed.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments will be briefly described below. It is appreciated that the following drawings depict only certain embodiments of the invention and are therefore not to be considered limiting of its scope. For a person skilled in the art, it is possible to derive other relevant figures from these figures without inventive effort.
Fig. 1 is an interaction diagram of a bridge device management system according to an embodiment of the present invention;
fig. 2 is a flowchart illustrating steps of a method for managing a bridge device according to an embodiment of the present invention;
fig. 3 is a schematic block diagram of a bridge device management apparatus according to an embodiment of the present invention;
fig. 4 is a schematic block diagram of a structure of a computer device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention. It is to be understood that the embodiments described are only a few embodiments of the present invention, and not all embodiments. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
Furthermore, the terms "first," "second," and the like are used merely to distinguish one description from another, and are not to be construed as indicating or implying relative importance.
In the description of the present invention, it is also to be noted that, unless otherwise explicitly stated or limited, the terms "disposed" and "connected" are to be interpreted broadly, and for example, "connected" may be a fixed connection, a detachable connection, or an integral connection; can be mechanically or electrically connected; the connection may be direct or indirect via an intermediate medium, and may be a communication between the two elements. The specific meanings of the above terms in the present invention can be understood by those skilled in the art according to specific situations.
The following detailed description of embodiments of the invention refers to the accompanying drawings.
Fig. 1 is an interaction diagram of a bridge device management system according to an embodiment of the present invention. The bridge device-based management system may include a bridge device 10, and a terminal device 20, an upper-level router 30, and a domain name server 40 that are communicatively connected to the bridge device 10. The bridge device management system shown in fig. 1 is only one possible example, and in other possible embodiments, the bridge device management system may include only a portion of the components shown in fig. 1 or may include other components.
The terminal device 20 may comprise a mobile device, a tablet computer, a laptop computer, etc., or any combination thereof. In some embodiments, the mobile device may include a smart home device, a wearable device, a smart mobile device, a virtual reality device, an augmented reality device, or the like, or any combination thereof. In some embodiments, the smart home devices may include control devices of smart electrical devices, smart monitoring devices, smart televisions, smart cameras, and the like, or any combination thereof. In some embodiments, the wearable device may include a smart bracelet, a smart lace, smart glass, a smart helmet, a smart watch, a smart garment, a smart backpack, a smart accessory, or the like, or any combination thereof. In some embodiments, the smart mobile device may include a smartphone, a personal digital assistant, a gaming device, and the like, or any combination thereof. In some embodiments, the virtual reality device and/or the augmented reality device may include a virtual reality helmet, virtual reality glass, a virtual reality patch, an augmented reality helmet, augmented reality glass, an augmented reality patch, or the like, or any combination thereof. For example, the virtual reality device and/or augmented reality device may include various virtual reality products and the like.
In this embodiment, the bridge device 10, the terminal device 20, the upper level route 30 and the domain name server 40 in the bridge device management system may be cooperatively used to execute the intelligent medical record management method based on artificial intelligence described in the following method embodiment, and the specific steps of executing the bridge device 10, the terminal device 20, the upper level route 30 and the domain name server 40 may refer to the detailed description of the following method embodiment.
To solve the technical problem in the foregoing background, fig. 2 is a flowchart illustrating a method for managing a bridge device according to an embodiment of the present invention, where the method for managing a bridge device according to the present embodiment may be executed by the bridge device 10 shown in fig. 1, and the method for managing a bridge device is described in detail below.
In step 201, when the bridge device 10 is connected to the network, the management internet protocol address is acquired from the upper level route 30 according to the dhcp.
At step 202, the domain name system protocol proxy of the bridge device 10 is restarted to determine the domain name server internet protocol address from the dynamic host configuration protocol.
Step 203, starting a preset firewall to intercept the dynamic host configuration protocol data packet sent out by the upper-level route 30.
The dynamic host configuration protocol data packet comprises a plurality of domain name system protocol information.
Step 204, modifying the target domain name system protocol information in the dynamic host configuration protocol data packet to obtain a modified dynamic host configuration protocol data packet.
Step 205, sending the modified dhcp packet to the terminal device 20.
So that the terminal device 20 obtains the address of the target domain name server determined based on the target domain name system protocol information from the modified dhcp packet.
In step 206, when receiving that the terminal device 20 initiates a domain name system protocol request, the target domain name server determined by the target domain name server address resolves the preset fixed domain name corresponding to the domain name system protocol request into a management internet protocol address.
So that the terminal device 20 can access the management interface of the bridge device 10 on the basis of the management internet protocol address.
In the embodiment of the present invention, the bridge device 10 is the name of the router when entering the called bridge mode. The bridge device 10 includes a bridge interface, and the bridge device 10 may obtain a management IP address (i.e., a management internet protocol address) from the upper level route 30 through the bridge interface according to the dynamic host configuration protocol, so as to ensure that the management IP address of the bridge interface and the upper level route 30 are in the same network segment. The DNS proxy process (i.e., domain name system protocol proxy) can then be restarted, and in an embodiment of the present invention, the DNS proxy process can use an open source dnmasq (a tool to configure DNS and DHCP) and can resolve all domain name requests passing through the bridge device through the dnmasq. After the DNS proxy process is restarted, the domain name server (DNS server) IP address obtained by the bridge interface from the upper DHC (dynamic host configuration protocol) may be used to subsequently resolve the domain name request sent by the terminal device 20 accessing the bridge device 10. The firewall function of the bridge device 10 may be turned on, and a rule for intercepting DHCP 67 port packets may be set up and down in the firewall FORWARD chain, so that the upper DHCP packet (i.e., an outgoing DHCP packet) may be sent after being processed.
On the basis, the bridge device 10 may capture a DHCP packet of the firewall and modify the DHCP packet, so that after the modified dynamic host configuration protocol packet is sent to the terminal device 20, when the terminal device 20 initiates a DNS request (i.e., a domain name system protocol request), the DNS server address points to the management IP address, and when the terminal device 20 accesses a preset fixed domain name (which may be preset by a user or factory set by a manufacturer) to log in a management interface of the bridge device 10, the modified dynamic host configuration protocol packet may enter the management interface of the bridge device 10.
On the basis of the foregoing, an embodiment of the present invention further provides a specific implementation manner of a bridge device management method when the bridge device is not connected to a network.
In step 301, when the bridge device 10 is not connected to the network, the management internet protocol address of the bridge device 10 is set to the fixed internet protocol address.
Step 302, assigning an access internet protocol address in the same network segment as the management internet protocol address.
Step 303, sending the access internet protocol address to the terminal device 20, so that when the terminal device 20 initiates a domain name system protocol request, the management interface of the network bridge device 10 can be accessed based on the access internet protocol address.
When the bridge device 10 is not connected to the network, the management IP address of the bridge device 10 itself may be set to a fixed IP, and the DHCP server may be turned on. After the terminal device 20 establishes connection with the network bridge device 10, the network bridge device 10 allocates an access internet protocol address in the same network segment as the management internet protocol address and sends the access internet protocol address to the terminal device 20, and when the terminal device 20 receives the access internet protocol address, the terminal device 20 can access a preset fixed domain name when the terminal device 20 initiates a domain name system protocol request, the network bridge device 10 serves as a DNS domain name proxy, and resolves the preset fixed domain name into the access internet protocol address, that is, the management internet protocol address, so that the terminal device 20 can access a management interface of the network bridge device 10.
Through the above steps, when the bridge device 10 is connected to the network or not connected to the network, and the terminal device 20 wants to access the management interface of the bridge device 10, the preset fixed domain name accessed by the terminal device 20 can be resolved into the management internet protocol address of the bridge device 10, so that the user can reliably log in the management interface to perform bridge device management, the problem of IP collision is avoided, and meanwhile, the user can be reduced from participating in manual setting.
As an alternative embodiment, the above step 204 is described in detail below.
Substep 204-1, obtaining dynamic host configuration protocol data to be modified.
Substep 204-2, parsing the dhcp packet into a plurality of dns information.
Wherein, the plurality of domain name system protocol information are used for indicating the dynamic host configuration protocol server to generate the internet protocol address pointing address corresponding to the plurality of domain name system protocol information, the plurality of domain name system protocol information are also used for indicating the corresponding dynamic host configuration protocol server to respectively determine the plurality of domain name system protocol information into dynamic host configuration protocol broadcast information and dynamic host configuration protocol unicast information which respectively correspond to the plurality of domain name system protocol information, and respectively extract the dynamic host configuration protocol request parameter from each sub-broadcast information of the dynamic host configuration protocol broadcast information, and extracting the DHCP acknowledgement parameters from each sub-unicast message of the DHCP unicast message, determining the network pointing identification characteristic information according to the dynamic host configuration protocol request parameter and determining the network address identification characteristic information according to the dynamic host configuration protocol confirmation parameter.
Substep 204-3, adding each of the plurality of domain name system protocol information to the process flow form.
And each domain name system protocol information corresponds to the domain name pushing items in the processing flow form one to one.
And a substep 204-4 of sequentially selecting domain name pushing events from the processing flow form and distributing the selected domain name pushing events to the dynamic host configuration protocol server in parallel.
The domain name pushing item is used for indicating each dynamic host configuration protocol server to generate an internet protocol address pointing address corresponding to a plurality of domain name system protocol information corresponding to the domain name pushing item;
and a substep 204-5 of modifying the target domain name system protocol information based on the network pointing identification characteristic information and the network address identification characteristic information to obtain a modified dynamic host configuration protocol data packet.
It should be noted that the target domain name system protocol information may be DNS information of an option 6 field of a DHCP packet (dynamic host configuration protocol packet), and by modifying the target domain name system protocol information, a DNS of the dynamic host configuration protocol packet can be directed to a bridge interface IP of the bridge device 10, and by tampering with the DHCP packet in the above manner, the terminal device 20 can obtain a DNS server address directed to a bridge interface IP address of the bridge device 10, so as to prepare for subsequently locating a management IP address of the bridge device 10.
On the basis of the foregoing, the dhcp server includes a first dhcp server and a second dhcp server. The embodiment of the invention also provides an embodiment for coordinating the dynamic host configuration protocol servers, which can be completed by the following steps.
And when the first dynamic host configuration protocol server in the idle state does not exist, distributing the domain name pushing items in the processing flow form to the second dynamic host configuration protocol server in the idle state in parallel. The domain name push item is used for instructing the second dhcp server to generate an ip address pointing address corresponding to the plurality of dns information corresponding to the domain name push item.
Through the setting, the running state of the DHCP server can be screened, the DHCP server in an idle state is called to process, and processing item conflict caused by congestion of the DHCP server is avoided.
In order to determine the state of the dhcp server more accurately, the following steps may be performed.
And adding a pushing time node for each domain name pushing item, wherein the pushing time node is used for representing the task initiation time of the corresponding domain name pushing item.
And when the difference between the task initiation time recorded by the push time node and the current time is greater than a preset threshold value, judging that the first dynamic host configuration protocol server in an idle state does not exist.
Through the steps, whether the DHCP server is idle or not can be judged according to the difference between the task initiating time and the current time, so that the processing speed of pushing items is improved.
When the foregoing step 206 is executed, the following specific implementation manner is further provided in the embodiment of the present invention to perform domain name system protocol request anomaly detection.
In sub-step 206-1, a domain name system protocol request sequence is obtained, the domain name system protocol request sequence including a predetermined number of request vectors.
The method comprises the steps that a preset number of request vectors correspond to a preset number of request time nodes, wherein each request vector in the preset number of request vectors is a domain name system protocol request received by the corresponding request time node;
substep 206-2, acquiring preset request identification information of the domain name system protocol request sequence according to the domain name system protocol request sequence;
sub-step 206-3, determining a first request type to which the domain name system protocol request sequence belongs from the plurality of request types according to the preset request identification information.
Each request type in the multiple request types corresponds to one request parameter group, and the preset request identification information belongs to the request parameter group corresponding to the first request type;
and a substep 206-4 of detecting an abnormal condition of the domain name system protocol request sequence according to the detection model of the first type corresponding to the first request type.
Each request type in the multiple request types corresponds to a detection model of the request type, and the detection model is used for detecting the abnormal request of the domain name system protocol.
Through the steps, the domain name system protocol request can be initiated at the terminal device 20 for detection, whether the abnormal domain name system protocol request exists can be accurately judged based on the request vector, and then the management interface of the network bridge device 10 can be protected from being logged in by lawless persons and operated, and the safety of users is improved.
On the basis, the preset request identification information further comprises a request judgment basis, and the request judgment basis is used for representing the request signal variation around the long-term trend presented in the domain name system protocol request sequence. The following detailed description is possible for the aforementioned sub-step 206-2.
(1) Each request vector in a preset number of request vectors in a domain name system protocol request sequence is decomposed into a strength component vector, a request component vector and a confidence component vector.
(2) A first sub-domain name system protocol request sequence comprising a preset number of request component vectors and a second sub-domain name system protocol request sequence comprising a preset number of confidence component vectors are determined.
(3) And acquiring preset request identification information of the domain name system protocol request sequence according to the first sub-domain name system protocol request sequence and the second sub-domain name system protocol request sequence.
Specifically, whether a request judgment basis exists in the domain name system protocol request sequence or not can be determined according to the first sub-domain name system protocol request sequence. Determining a judgment basis for the existence of the request component vectors of the domain name system protocol request sequence under the condition that the preset number of request component vectors in the first sub-domain name system protocol request sequence exist; and under the condition that the preset number of request component vectors in the first sub-domain name system protocol request sequence do not exist, determining that the domain name system protocol request sequence does not exist a request judgment basis, and according to the second sub-domain name system protocol request sequence.
In addition to performing the parts (1), (2) and (3) of the aforementioned sub-step 206-2, the following steps may also be performed on the basis of the aforementioned sub-step 206-2.
(4) And determining a second type detection model corresponding to the first request type according to the first mapping relation and the first request type to which the domain name system protocol request sequence belongs.
The first mapping relation comprises a corresponding relation between a plurality of request types and a plurality of second detection models.
(5) And detecting the abnormal condition of the domain name system protocol request sequence according to a second sub domain name system protocol request sequence and a second type detection model corresponding to the first request type, wherein the second type detection model is an N-sigma model.
The following embodiments are also provided for the foregoing sub-implementation 206-3.
(1) According to the preset request identification information, a first request parameter group to which the preset request identification information belongs is determined from a plurality of request parameter groups.
(2) And determining a first request type to which the domain name system protocol request sequence belongs from the plurality of request types according to the third mapping relation and the first request parameter group.
The third mapping relationship comprises a corresponding relationship between a plurality of request parameter groups and a plurality of request types.
As an alternative implementation, the embodiment of the present invention provides a specific implementation of the foregoing sub-step 206-4. Reference may be made to the following steps.
(1) Determining a third sub-domain name system protocol request sequence comprising a preset number of strength component vectors.
(2) The second time series is divided into a preset number of subsequences of the target length.
Wherein the second time series is a third sub-domain name system protocol request series or the second time series is formed according to the third sub-domain name system protocol request series.
(3) Calculating historical contrast confidence degrees of the subsequences with the preset number of target lengths, wherein the historical contrast confidence degrees of the subsequences with the preset number of target lengths form a contrast confidence degree set; and detecting the abnormal condition of the domain name system protocol request sequence according to the comparison confidence set and the N-sigma algorithm.
It should be appreciated that to enable accurate anomaly detection of domain name system protocol requests, the following steps may also be preferentially performed before sub-step 206-4 is performed.
And determining a first class detection model corresponding to the first request type according to a second mapping relation and the first request type to which the domain name system protocol request sequence belongs, wherein the second mapping relation comprises a plurality of request types and a plurality of corresponding relations of the first class detection models.
The embodiment of the invention provides a bridge device management apparatus 110, which is applied to a bridge device 10 in a bridge device management system, wherein the bridge device 10 is in communication connection with a terminal device 20, a superior router 30 and a domain name server 40 respectively;
the device comprises:
an obtaining module 1101, configured to obtain a management internet protocol address from the upper level route 30 according to the dynamic host configuration protocol when the bridge device 10 is connected to the network.
The restart module 1102 is configured to restart the domain name system protocol proxy of the bridge device 10 to determine the domain name server internet protocol address from the dynamic host configuration protocol.
The intercepting module 1103 is configured to start a preset firewall to intercept a dynamic host configuration protocol data packet sent by the upper-level router 30, where the dynamic host configuration protocol data packet includes multiple pieces of domain name system protocol information.
And the modifying module 1104 is configured to modify the target domain name system protocol information in the dhcp packet to obtain a modified dhcp packet.
A sending module 1105, configured to send the modified dhcp packet to the terminal device 20, so that the terminal device 20 obtains the target dns address determined based on the target dns protocol information from the modified dhcp packet.
The executing module 1106 is configured to, when receiving a domain name system protocol request initiated by the terminal device 20, resolve a preset fixed domain name corresponding to the domain name system protocol request into a management internet protocol address through a target domain name server determined by a target domain name server address, so that the terminal device 20 can access the management interface of the network bridge device 10 according to the management internet protocol address.
Further, the obtaining module 1101 is further configured to:
setting the management internet protocol address of the bridge device 10 to a fixed internet protocol address when the bridge device 10 is not connected to the network; distributing an access internet protocol address in the same network segment with the management internet protocol address; the access internet protocol address is sent to the terminal device 20 so that when the terminal device 20 initiates a domain name system protocol request, the management interface of the bridge device 10 can be accessed based on the access internet protocol address.
Further, the modifying module 1104 is specifically configured to:
acquiring a dynamic host configuration protocol data packet to be modified; resolving the DHCP data packet into a plurality of DNS protocol messages, wherein the plurality of DNS protocol messages are used for instructing the DHCP server to generate an Internet protocol address pointing address corresponding to the plurality of DNS protocol messages, the plurality of DNS protocol messages are also used for instructing the corresponding DHCP server to respectively determine the plurality of DNS protocol messages into corresponding broadcasting messages of the DHCP broadcast and unicast messages of the DHCP unicast, respectively extracting a DHCP request parameter from each sub-broadcasting message of the broadcasting messages of the DHCP broadcast, and extracting the DHCP acknowledgement parameters from each sub-unicast message of the DHCP unicast message, determining network pointing identification characteristic information according to the dynamic host configuration protocol request parameter and determining network address identification characteristic information according to the dynamic host configuration protocol confirmation parameter; adding each of the plurality of domain name system protocol information to a processing flow form, wherein each of the domain name system protocol information corresponds to a domain name pushing item in the processing flow form one to one; sequentially selecting domain name pushing items from the processing flow form, and distributing the selected domain name pushing items to the dynamic host configuration protocol servers in parallel, wherein the domain name pushing items are used for indicating each dynamic host configuration protocol server to generate Internet protocol address pointing addresses corresponding to a plurality of domain name system protocol information corresponding to the domain name pushing items; and modifying the target domain name system protocol information based on the network pointing identification characteristic information and the network address identification characteristic information to obtain a modified dynamic host configuration protocol data packet.
Further, the dynamic host configuration protocol server comprises a first dynamic host configuration protocol server and a second dynamic host configuration protocol server. The obtaining module 1101 is further configured to:
and when the first dynamic host configuration protocol server in the idle state does not exist, distributing the domain name pushing items in the processing flow form to a second dynamic host configuration protocol server in the idle state in parallel, wherein the domain name pushing items are used for indicating the second dynamic host configuration protocol server to generate an internet protocol address pointing address corresponding to a plurality of domain name system protocol information corresponding to the domain name pushing items.
Further, the obtaining module 1101 is specifically configured to:
adding a pushing time node for each domain name pushing item, wherein the pushing time node is used for representing the task initiation time of the corresponding domain name pushing item; and when the difference between the task initiation time recorded by the push time node and the current time is greater than a preset threshold value, judging that the first dynamic host configuration protocol server in an idle state does not exist.
Further, when receiving a domain name system protocol request initiated by the terminal device 20, the obtaining module 1101 is further specifically configured to:
acquiring a domain name system protocol request sequence, wherein the domain name system protocol request sequence comprises a preset number of request vectors, and the preset number of request vectors correspond to preset number of request time nodes, wherein each request vector in the preset number of request vectors is a domain name system protocol request received by the corresponding request time node; acquiring preset request identification information of a domain name system protocol request sequence according to the domain name system protocol request sequence; determining a first request type to which a domain name system protocol request sequence belongs from a plurality of request types according to preset request identification information, wherein each request type in the plurality of request types corresponds to a request parameter group, and the preset request identification information belongs to the request parameter group corresponding to the first request type; and detecting the abnormal condition of the domain name system protocol request sequence according to a first type detection model corresponding to the first request type, wherein each request type in the plurality of request types corresponds to one request type detection model, and the detection model is used for detecting the abnormal condition of the domain name system protocol request.
Further, the preset request identification information further includes a request decision basis, and the request decision basis is used for representing the request signal variation around the long-term trend presented in the domain name system protocol request sequence. The obtaining module 1101 is further specifically configured to:
decomposing each request vector in a preset number of request vectors in a domain name system protocol request sequence into a strength component vector, a request component vector and a confidence coefficient component vector; determining a first sub-domain name system protocol request sequence comprising a preset number of request component vectors and a second sub-domain name system protocol request sequence comprising a preset number of confidence component vectors; and acquiring preset request identification information of the domain name system protocol request sequence according to the first sub-domain name system protocol request sequence and the second sub-domain name system protocol request sequence.
It should be noted that, for the implementation principle of the bridge device management apparatus 110, reference may be made to the implementation principle of the bridge device management method, which is not described herein again, and it should be understood that the division of each module of the apparatus is only a division of a logic function, and all or part of the division may be integrated on a physical entity or may be physically separated in actual implementation. And these modules can be realized in the form of software called by processing element; or may be implemented entirely in hardware; and part of the modules can be realized in the form of calling software by the processing element, and part of the modules can be realized in the form of hardware. For example, the obtaining module 1101 may be a processing element separately set up, or may be implemented by being integrated into a chip of the apparatus, or may be stored in a memory of the apparatus in the form of program code, and the processing element of the apparatus calls and executes the functions of the obtaining module 1101. Other modules are implemented similarly. In addition, all or part of the modules can be integrated together or can be independently realized. The processing element described herein may be an integrated circuit having signal processing capabilities. In implementation, each step of the above method or each module above may be implemented by an integrated logic circuit of hardware in a processor element or an instruction in the form of software.
For example, the above modules may be one or more integrated circuits configured to implement the above methods, such as: one or more Application Specific Integrated Circuits (ASICs), or one or more microprocessors (DSPs), or one or more Field Programmable Gate Arrays (FPGAs), among others. For another example, when some of the above modules are implemented in the form of a processing element scheduler code, the processing element may be a general-purpose processor, such as a Central Processing Unit (CPU) or other processor that can call program code. As another example, these modules may be integrated together, implemented in the form of a system-on-a-chip (SOC).
The embodiment of the present invention provides a computer device 100, where the computer device 100 includes a processor and a non-volatile memory storing computer instructions, and when the computer instructions are executed by the processor, the computer device 100 executes the aforementioned bridge device management method. As shown in fig. 4, fig. 4 is a block diagram of a computer device 100 according to an embodiment of the present invention. The computer device 100 includes a bridge device management apparatus 110, a memory 111, a processor 112, and a communication unit 113.
To facilitate the transfer or interaction of data, the elements of the memory 111, the processor 112 and the communication unit 113 are electrically connected to each other, directly or indirectly. For example, the components may be electrically connected to each other via one or more communication buses or signal lines. The bridge device management apparatus 110 includes at least one software function module which may be stored in the memory 111 in the form of software or firmware (firmware) or solidified in an Operating System (OS) of the computer device 100. The processor 112 is used for executing executable modules stored in the memory 111, such as software functional modules and computer programs included in the bridge device management apparatus 110.
The embodiment of the invention provides a readable storage medium, which comprises a computer program, and when the computer program runs, the computer program controls a computer device on which the readable storage medium is located to execute the aforementioned bridge device management method.
The readable storage medium described above may be implemented by any type of volatile or non-volatile memory device or combination thereof, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disk. Readable storage media can be any available media that can be accessed by a general purpose or special purpose computer.
In summary, embodiments of the present invention provide a method, an apparatus, and a readable storage medium for managing a bridge device, where when the bridge device is connected to a network, a management internet protocol address is obtained from the upper-level route according to a dynamic host configuration protocol; restarting a domain name system protocol proxy of the bridge device to determine a domain name server internet protocol address from the dynamic host configuration protocol; then starting a preset firewall to intercept a dynamic host configuration protocol data packet sent out by the superior route, wherein the dynamic host configuration protocol data packet comprises a plurality of domain name system protocol information; modifying the target domain name system protocol information in the dynamic host configuration protocol data packet to obtain a modified dynamic host configuration protocol data packet; then sending the modified dynamic host configuration protocol data packet to the terminal equipment so that the terminal equipment acquires a target domain name server address determined based on the target domain name system protocol information from the modified dynamic host configuration protocol data packet; finally, when receiving a domain name system protocol request initiated by the terminal equipment, resolving a preset fixed domain name corresponding to the domain name system protocol request into the management internet protocol address through a target domain name server determined by the target domain name server address, so that the terminal equipment can access a management interface of the network bridge equipment according to the management internet protocol address, and the network bridge equipment can be reliably managed.
The foregoing description, for purpose of explanation, has been described with reference to specific embodiments. However, the illustrative discussions above are not intended to be exhaustive or to limit the disclosure to the precise forms disclosed. Many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the disclosure and its practical applications, to thereby enable others skilled in the art to best utilize the disclosure and various embodiments with various modifications as are suited to the particular use contemplated. The foregoing description, for purpose of explanation, has been described with reference to specific embodiments. However, the illustrative discussions above are not intended to be exhaustive or to limit the disclosure to the precise forms disclosed. Many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the disclosure and its practical applications, to thereby enable others skilled in the art to best utilize the disclosure and various embodiments with various modifications as are suited to the particular use contemplated.

Claims (10)

1. A network bridge equipment management method is characterized in that the method is applied to network bridge equipment in a network bridge equipment management system, and the network bridge equipment is respectively in communication connection with terminal equipment, a superior router and a domain name server;
the method comprises the following steps:
when the network bridge equipment is connected to a network, acquiring a management internet protocol address from the superior route according to a dynamic host configuration protocol;
restarting a domain name system protocol proxy of the bridge device to determine a domain name server internet protocol address from the dynamic host configuration protocol;
starting a preset firewall to intercept a dynamic host configuration protocol data packet sent out by the superior route, wherein the dynamic host configuration protocol data packet comprises a plurality of domain name system protocol information;
modifying the target domain name system protocol information in the dynamic host configuration protocol data packet to obtain a modified dynamic host configuration protocol data packet;
sending the modified dynamic host configuration protocol data packet to the terminal equipment so that the terminal equipment acquires a target domain name server address determined based on the target domain name system protocol information from the modified dynamic host configuration protocol data packet;
when receiving a domain name system protocol request initiated by the terminal equipment, resolving a preset fixed domain name corresponding to the domain name system protocol request into a management internet protocol address through a target domain name server determined by the target domain name server address, so that the terminal equipment can access a management interface of the network bridge equipment according to the management internet protocol address.
2. The method of claim 1, further comprising:
setting a management internet protocol address of the bridge device to a fixed internet protocol address when the bridge device is not connected to a network;
distributing an access internet protocol address in the same network segment as the management internet protocol address;
and sending the access internet protocol address to the terminal equipment so that the terminal equipment can access the management interface of the network bridge equipment based on the access internet protocol address when initiating a domain name system protocol request.
3. The method according to claim 1, wherein the modifying the target dns protocol information in the dhcp packet to obtain a modified dhcp packet includes:
acquiring a dynamic host configuration protocol data packet to be modified;
resolving the DHCP data packet into a plurality of DNS protocol messages, wherein the DNS protocol messages are used for indicating the DHCP server to generate Internet protocol address pointing addresses corresponding to the DNS protocol messages, the DNS protocol messages are also used for indicating the corresponding DHCP server to respectively determine the corresponding DNS protocol messages into dynamic host configuration protocol broadcast messages and dynamic host configuration protocol unicast messages, respectively extracting dynamic host configuration protocol request parameters from each sub-broadcast message of the dynamic host configuration protocol broadcast messages, and extracting the dynamic host configuration protocol confirmation parameters from each sub-broadcast message of the dynamic host configuration protocol unicast messages, determining network pointing identification feature information according to the dynamic host configuration protocol request parameters, and confirming the reference messages according to the dynamic host configuration protocol Determining network address identification characteristic information;
adding each of a plurality of domain name system protocol information to a processing flow form, wherein each of the domain name system protocol information corresponds to a domain name pushing item in the processing flow form one to one;
sequentially selecting domain name pushing items from the processing flow form, and distributing the selected domain name pushing items to the dynamic host configuration protocol servers in parallel, wherein the domain name pushing items are used for indicating each dynamic host configuration protocol server to generate Internet protocol address pointing addresses corresponding to a plurality of domain name system protocol information corresponding to the domain name pushing items;
and modifying the target domain name system protocol information based on the network pointing identification characteristic information and the network address identification characteristic information to obtain a modified dynamic host configuration protocol data packet.
4. The method of claim 3, wherein the DHCP server comprises a first DHCP server and a second DHCP server;
the method further comprises the following steps:
when the first dynamic host configuration protocol server in the idle state does not exist, the domain name pushing item in the processing flow form is parallelly distributed to a second dynamic host configuration protocol server in the idle state, wherein the domain name pushing item is used for indicating the second dynamic host configuration protocol server to generate an internet protocol address pointing address corresponding to a plurality of domain name system protocol information corresponding to the domain name pushing item.
5. The method of claim 4, further comprising:
adding a pushing time node for each domain name pushing item, wherein the pushing time node is used for representing the task initiation time of the corresponding domain name pushing item;
and when the difference between the task initiation time recorded by the pushing time node and the current time is greater than a preset threshold value, judging that no first dynamic host configuration protocol server in an idle state exists.
6. The method according to claim 1, wherein when receiving the domain name system protocol request initiated by the terminal device, the method further comprises:
acquiring a domain name system protocol request sequence, wherein the domain name system protocol request sequence comprises a preset number of request vectors, the preset number of request vectors correspond to a preset number of request time nodes, and each request vector in the preset number of request vectors is a domain name system protocol request received by the corresponding request time node;
acquiring preset request identification information of the domain name system protocol request sequence according to the domain name system protocol request sequence;
determining a first request type to which the domain name system protocol request sequence belongs from a plurality of request types according to the preset request identification information, wherein each request type in the plurality of request types corresponds to a request parameter group, and the preset request identification information belongs to the request parameter group corresponding to the first request type;
and detecting the abnormal condition of the domain name system protocol request sequence according to a first class detection model corresponding to the first request type, wherein each request type in the plurality of request types corresponds to one request type detection model, and the detection model is used for detecting the abnormal condition of the domain name system protocol request.
7. The method according to claim 6, wherein the predetermined request identification information further comprises a request decision basis, and the request decision basis is used for representing the change of the request signal around the long-term trend presented in the domain name system protocol request sequence;
the acquiring the preset request identification information of the domain name system protocol request sequence according to the domain name system protocol request sequence comprises:
decomposing each request vector in the preset number of request vectors in the domain name system protocol request sequence into a strength component vector, a request component vector and a confidence coefficient component vector;
determining a first sub-domain name system protocol request sequence comprising a preset number of the request component vectors and a second sub-domain name system protocol request sequence comprising a preset number of the confidence component vectors;
and acquiring preset request identification information of the domain name system protocol request sequence according to the first sub-domain name system protocol request sequence and the second sub-domain name system protocol request sequence.
8. A bridge device management device is characterized in that the device is applied to a bridge device in a bridge device management system, and the bridge device is respectively in communication connection with a terminal device, a superior router and a domain name server;
the device comprises:
an obtaining module, configured to obtain a management internet protocol address from the upper-level route according to a dynamic host configuration protocol when the network bridge device is connected to a network;
the restarting module is used for restarting a domain name system protocol agent of the network bridge equipment so as to determine a domain name server internet protocol address from the dynamic host configuration protocol;
the intercepting module is used for starting a preset firewall to intercept a dynamic host configuration protocol data packet sent out by the superior route, wherein the dynamic host configuration protocol data packet comprises a plurality of domain name system protocol information;
the modification module is used for modifying the target domain name system protocol information in the dynamic host configuration protocol data packet to obtain a modified dynamic host configuration protocol data packet;
a sending module, configured to send the modified dynamic host configuration protocol data packet to the terminal device, so that the terminal device obtains a target domain name server address determined based on the target domain name system protocol information from the modified dynamic host configuration protocol data packet;
and the execution module is used for resolving a preset fixed domain name corresponding to the domain name system protocol request into the management internet protocol address through a target domain name server determined by the target domain name server address when receiving the domain name system protocol request initiated by the terminal equipment, so that the terminal equipment can access the management interface of the network bridge equipment according to the management internet protocol address.
9. A computer device comprising a processor and a non-volatile memory storing computer instructions that, when executed by the processor, perform the bridge device management method of any of claims 1-7.
10. A readable storage medium, characterized in that the readable storage medium comprises a computer program, which when executed controls a computer device on which the readable storage medium is located to perform the bridge device management method of any one of claims 1 to 7.
CN202010509262.6A 2020-06-07 2020-06-07 Network bridge equipment management method and device and readable storage medium Active CN111641733B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010509262.6A CN111641733B (en) 2020-06-07 2020-06-07 Network bridge equipment management method and device and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010509262.6A CN111641733B (en) 2020-06-07 2020-06-07 Network bridge equipment management method and device and readable storage medium

Publications (2)

Publication Number Publication Date
CN111641733A true CN111641733A (en) 2020-09-08
CN111641733B CN111641733B (en) 2021-04-02

Family

ID=72331229

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010509262.6A Active CN111641733B (en) 2020-06-07 2020-06-07 Network bridge equipment management method and device and readable storage medium

Country Status (1)

Country Link
CN (1) CN111641733B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112333733A (en) * 2020-11-04 2021-02-05 杭州海康威视数字技术股份有限公司 Network connection establishing method and electronic equipment
CN112584383A (en) * 2021-02-26 2021-03-30 深圳市乙辰科技股份有限公司 Intelligent firewall configuration method and device based on multiple network ports of wireless network equipment
CN113613274A (en) * 2021-09-01 2021-11-05 四川九州电子科技股份有限公司 Intelligent access configuration method based on Mesh networking
CN114301875A (en) * 2021-12-21 2022-04-08 锐捷网络股份有限公司 Management and control method and device for DHCP proxy side and electronic equipment
CN114448750A (en) * 2022-01-19 2022-05-06 深圳市联洲国际技术有限公司 Communication method, device, equipment and medium in pure bridge mode
CN114449059A (en) * 2022-01-18 2022-05-06 拉扎斯网络科技(上海)有限公司 Communication control method and device

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006107133A1 (en) * 2005-04-06 2006-10-12 Scope Inc. Ip management method and apparatus for protecting/blocking specific ip address or specific device on network
CN1863196A (en) * 2005-05-11 2006-11-15 中国科学院计算技术研究所 Service agent method for multi-protocol domain analytical service
CN102857587A (en) * 2012-08-17 2013-01-02 福建三元达通讯股份有限公司 Method and system for sharing dynamic address pool in multi-virtual local area network (VLAN) environment
CN103812955A (en) * 2012-11-12 2014-05-21 中国移动通信集团公司 Terminal access management platform address method and system and terminal
CN103812959A (en) * 2012-11-15 2014-05-21 中国电信股份有限公司 Method and system for centralized management of IP addresses
CN103916492A (en) * 2014-04-11 2014-07-09 深信服网络科技(深圳)有限公司 Network device access control method and device
CN105210330A (en) * 2014-04-22 2015-12-30 柏思科技有限公司 Methods and systems for processing a dns request
CN105594159A (en) * 2013-07-26 2016-05-18 慧与发展有限责任合伙企业 Network configuration using service identifier
CN105813078A (en) * 2016-05-05 2016-07-27 杭州树熊网络有限公司 Network authentication method, device and system and AP (ACCESS POINT) with authentication function
CN105992262A (en) * 2016-06-30 2016-10-05 西安电子科技大学 Adaptive mode switching method for wireless Mesh network
CN106534290A (en) * 2016-11-04 2017-03-22 浙江宇视科技有限公司 Self-adaptive maintaining method and device for IP address of maintained device
CN108124288A (en) * 2016-11-28 2018-06-05 中国移动通信集团辽宁有限公司 For the switching of S1 interfaces, the method and network system of network construction
CN108769287A (en) * 2018-05-31 2018-11-06 四川斐讯全智信息技术有限公司 A kind of router domain name access method, system, computer equipment and storage medium
CN110572406A (en) * 2019-09-12 2019-12-13 深信服科技股份有限公司 Method, system and related device for determining lost host

Patent Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006107133A1 (en) * 2005-04-06 2006-10-12 Scope Inc. Ip management method and apparatus for protecting/blocking specific ip address or specific device on network
CN1863196A (en) * 2005-05-11 2006-11-15 中国科学院计算技术研究所 Service agent method for multi-protocol domain analytical service
CN100576846C (en) * 2005-05-11 2009-12-30 中国科学院计算技术研究所 Service broker's method of multi-protocols domain name mapping service
CN102857587A (en) * 2012-08-17 2013-01-02 福建三元达通讯股份有限公司 Method and system for sharing dynamic address pool in multi-virtual local area network (VLAN) environment
CN103812955A (en) * 2012-11-12 2014-05-21 中国移动通信集团公司 Terminal access management platform address method and system and terminal
CN103812959A (en) * 2012-11-15 2014-05-21 中国电信股份有限公司 Method and system for centralized management of IP addresses
CN105594159A (en) * 2013-07-26 2016-05-18 慧与发展有限责任合伙企业 Network configuration using service identifier
CN103916492A (en) * 2014-04-11 2014-07-09 深信服网络科技(深圳)有限公司 Network device access control method and device
CN105210330A (en) * 2014-04-22 2015-12-30 柏思科技有限公司 Methods and systems for processing a dns request
CN105813078A (en) * 2016-05-05 2016-07-27 杭州树熊网络有限公司 Network authentication method, device and system and AP (ACCESS POINT) with authentication function
CN105992262A (en) * 2016-06-30 2016-10-05 西安电子科技大学 Adaptive mode switching method for wireless Mesh network
CN106534290A (en) * 2016-11-04 2017-03-22 浙江宇视科技有限公司 Self-adaptive maintaining method and device for IP address of maintained device
CN108124288A (en) * 2016-11-28 2018-06-05 中国移动通信集团辽宁有限公司 For the switching of S1 interfaces, the method and network system of network construction
CN108769287A (en) * 2018-05-31 2018-11-06 四川斐讯全智信息技术有限公司 A kind of router domain name access method, system, computer equipment and storage medium
CN110572406A (en) * 2019-09-12 2019-12-13 深信服科技股份有限公司 Method, system and related device for determining lost host

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112333733A (en) * 2020-11-04 2021-02-05 杭州海康威视数字技术股份有限公司 Network connection establishing method and electronic equipment
CN112333733B (en) * 2020-11-04 2022-04-05 杭州海康威视数字技术股份有限公司 Network connection establishing method and electronic equipment
CN112584383A (en) * 2021-02-26 2021-03-30 深圳市乙辰科技股份有限公司 Intelligent firewall configuration method and device based on multiple network ports of wireless network equipment
CN113613274A (en) * 2021-09-01 2021-11-05 四川九州电子科技股份有限公司 Intelligent access configuration method based on Mesh networking
CN113613274B (en) * 2021-09-01 2023-08-18 四川九州电子科技股份有限公司 Intelligent access configuration method based on Mesh networking
CN114301875A (en) * 2021-12-21 2022-04-08 锐捷网络股份有限公司 Management and control method and device for DHCP proxy side and electronic equipment
CN114449059A (en) * 2022-01-18 2022-05-06 拉扎斯网络科技(上海)有限公司 Communication control method and device
CN114448750A (en) * 2022-01-19 2022-05-06 深圳市联洲国际技术有限公司 Communication method, device, equipment and medium in pure bridge mode

Also Published As

Publication number Publication date
CN111641733B (en) 2021-04-02

Similar Documents

Publication Publication Date Title
CN111641733B (en) Network bridge equipment management method and device and readable storage medium
CN109981344B (en) Scanning method, scanning device and network forwarding equipment
EP3664372B1 (en) Network management method and related device
CN109802985B (en) Data transmission method, device, equipment and readable storage medium
CN110311929B (en) Access control method and device, electronic equipment and storage medium
CN107819891B (en) Data processing method, data processing device, computer equipment and storage medium
CN106210155B (en) Method and device for connecting application server
CN111182089B (en) Container cluster system, method and device for accessing big data assembly and server
WO2017206576A1 (en) Gateway service processing method and apparatus
US20200007385A1 (en) Compromised network node detection system
CN112221121A (en) Application software networking acceleration method and device and storage medium
CN111385180B (en) Communication tunnel construction method, device, equipment and medium
US11075915B2 (en) System and method for securing communication between devices on a network
CN114070723A (en) Virtual network configuration method and system of bare metal server and intelligent network card
CN114143283A (en) Tunnel self-adaptive configuration method and device, center-end equipment and communication system
CN113315848A (en) Access control method, device and equipment
US20160191368A1 (en) Information processing device, method, and medium
CN108124021B (en) Method, device and system for obtaining Internet Protocol (IP) address and accessing website
WO2016159964A1 (en) Network policy distribution
CN110809004A (en) Safety protection method and device, electronic equipment and storage medium
CN112153173B (en) IPv6 address rapid deployment and distribution method and device
CN111988446B (en) Message processing method and device, electronic equipment and storage medium
CN110995502B (en) Network configuration management method, device, switching equipment and readable storage medium
CN114244555A (en) Method for adjusting security policy
JP4195657B2 (en) Network address assignment device, network address assignment method, and network address assignment program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant